1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" This code is derived from software contributed to Berkeley by 5.\" Donn Seeley at Berkeley Software Design, Inc. 6.\" 7.\" %sccs.include.redist.roff% 8.\" 9.\" @(#)init.8 8.6 (Berkeley) 05/26/95 10.\" 11.Dd 12.Dt INIT 8 13.Os BSD 4 14.Sh NAME 15.Nm init 16.Nd process control initialization 17.Sh SYNOPSIS 18.Nm init 19.Sh DESCRIPTION 20The 21.Nm init 22program 23is the last stage of the boot process. 24It normally runs the automatic reboot sequence as described in 25.Xr reboot 8 , 26and if this succeeds, begins multi-user operation. 27If the reboot scripts fail, 28.Nm init 29commences single user operation by giving 30the super-user a shell on the console. 31The 32.Nm init 33program may be passed parameters 34from the boot program to 35prevent the system from going multi-user and to instead execute 36a single user shell without starting the normal daemons. 37The system is then quiescent for maintenance work and may 38later be made to go to multi-user by exiting the 39single-user shell (with ^D). 40This 41causes 42.Nm init 43to run the 44.Pa /etc/rc 45start up command file in fastboot mode (skipping disk checks). 46.Pp 47If the 48.Nm console 49entry in the 50.Xr ttys 5 51file is marked ``insecure'', 52then 53.Nm init 54will require that the superuser password be 55entered before the system will start a single-user shell. 56The password check is skipped if the 57.Nm console 58is marked as ``secure''. 59.Pp 60The kernel runs with four different levels of security. 61Any superuser process can raise the security level, but only 62.Nm init 63can lower it. 64Security levels are defined as follows: 65.Bl -tag -width flag 66.It Ic -1 67Permanently insecure mode \- always run system in level 0 mode. 68.It Ic 0 69Insecure mode \- immutable and append-only flags may be turned off. 70All devices may be read or written subject to their permissions. 71.It Ic 1 72Secure mode \- immutable and append-only flags may not be changed; 73disks for mounted filesystems, 74.Pa /dev/mem , 75and 76.Pa /dev/kmem 77are read-only. 78The 79.Xr settimeofday 2 80system call can only advance the time. 81.It Ic 2 82Highly secure mode \- same as secure mode, plus disks are always 83read-only whether mounted or not. 84This level precludes tampering with filesystems by unmounting them, 85but also inhibits running 86.Xr newfs 8 87while the system is multi-user. 88.El 89.Pp 90Normally, the system runs in level 0 mode while single user 91and in level 1 mode while multiuser. 92If the level 2 mode is desired while running multiuser, 93it can be set in the startup script 94.Pa /etc/rc 95using 96.Xr sysctl 8 . 97If it is desired to run the system in level 0 mode while multiuser, 98the administrator must build a kernel with the variable 99.Nm securelevel 100defined in the file 101.Pa /sys/compile/MACHINE/param.c 102and initialize it to -1. 103.Pp 104In multi-user operation, 105.Nm init 106maintains 107processes for the terminal ports found in the file 108.Xr ttys 5 . 109.Nm Init 110reads this file, and executes the command found in the second field. 111This command is usually 112.Xr getty 8 ; 113.Xr getty 114opens and initializes the tty line 115and 116executes the 117.Xr login 118program. 119The 120.Xr login 121program, when a valid user logs in, 122executes a shell for that user. When this shell 123dies, either because the user logged out 124or an abnormal termination occurred (a signal), 125the 126.Nm init 127program wakes up, deletes the user 128from the 129.Xr utmp 5 130file of current users and records the logout in the 131.Xr wtmp 132file. 133The cycle is 134then restarted by 135.Nm init 136executing a new 137.Xr getty 138for the line. 139.pl +1 140.Pp 141Line status (on, off, secure, getty, or window information) 142may be changed in the 143.Xr ttys 144file without a reboot by sending the signal 145.Dv SIGHUP 146to 147.Nm init 148with the command 149.Dq Li "kill \-s HUP 1" . 150On receipt of this signal, 151.Nm init 152re-reads the 153.Xr ttys 154file. 155When a line is turned off in 156.Xr ttys , 157.Nm init 158will send a SIGHUP signal to the controlling process 159for the session associated with the line. 160For any lines that were previously turned off in the 161.Xr ttys 162file and are now on, 163.Nm init 164executes a new 165.Xr getty 166to enable a new login. 167If the getty or window field for a line is changed, 168the change takes effect at the end of the current 169login session (e.g., the next time 170.Nm init 171starts a process on the line). 172If a line is commented out or deleted from 173.Xr ttys , 174.Nm init 175will not do anything at all to that line. 176However, it will complain that the relationship between lines 177in the 178.Xr ttys 179file and records in the 180.Xr utmp 181file is out of sync, 182so this practice is not recommended. 183.Pp 184.Nm Init 185will terminate multi-user operations and resume single-user mode 186if sent a terminate 187.Pq Dv TERM 188signal, for example, 189.Dq Li "kill \-s TERM 1" . 190If there are processes outstanding that are deadlocked (because of 191hardware or software failure), 192.Xr init 193will not wait for them all to die (which might take forever), but 194will time out after 30 seconds and print a warning message. 195.Pp 196.Nm Init 197will cease creating new 198.Xr getty Ns 's 199and allow the system to slowly die away, if it is sent a terminal stop 200.Pq Dv TSTP 201signal, i.e. 202.Dq Li "kill \-s TSTP 1" . 203A later hangup will resume full 204multi-user operations, or a terminate will start a single user shell. 205This hook is used by 206.Xr reboot 8 207and 208.Xr halt 8 . 209.Pp 210The role of 211.Nm init 212is so critical that if it dies, the system will reboot itself 213automatically. 214If, at bootstrap time, the 215.Xr init 216process cannot be located, the system will panic with the message 217``panic: "init died (signal %d, exit %d)''. 218.Sh DIAGNOSTICS 219.Bl -diag 220.It "getty repeating too quickly on port %s, sleeping" 221A process being started to service a line is exiting quickly 222each time it is started. 223This is often caused by a ringing or noisy terminal line. 224.Em "Init will sleep for 10 seconds" , 225.Em "then continue trying to start the process" . 226.Pp 227.It "some processes would not die; ps axl advised." 228A process 229is hung and could not be killed when the system was shutting down. 230This condition is usually caused by a process 231that is stuck in a device driver because of 232a persistent device error condition. 233.El 234.Sh FILES 235.Bl -tag -width /var/log/wtmp -compact 236.It Pa /dev/console 237System console device. 238.It Pa /dev/tty* 239Terminal ports found in 240.Xr ttys . 241.It Pa /var/run/utmp 242Record of Current users on the system. 243.It Pa /var/log/wtmp 244Record of all logins and logouts. 245.It Pa /etc/ttys 246The terminal initialization information file. 247.It Pa /etc/rc 248System startup commands. 249.El 250.Sh SEE ALSO 251.Xr login 1 , 252.Xr kill 1 , 253.Xr sh 1 , 254.Xr ttys 5 , 255.Xr crash 8 , 256.Xr getty 8 , 257.Xr rc 8 , 258.Xr reboot 8 , 259.Xr halt 8 , 260.Xr shutdown 8 261.Sh HISTORY 262A 263.Nm 264command appeared in 265.At v6 . 266.Sh BUGS 267Systems without 268.Xr sysctl 269behave as though they have security level \-1. 270